Internal Penetration Testing

iNDUSTRY CHALLENGE

Vulnerabilities can be virtually everywhere on your network. Ranging from old software that needs a security patch from the vendor or weak system configurations, to vulnerabilities hiding in custom applications on your network that can be exploited to gain direct/privileged access to your network. With the introduction of cloud infrastructure, vulnerabilities have extended further into hosted environments that may have ties to the internal networks.

The search terms “vulnerability scan assessment,” “manual penetration test,” and “pen test companies” are often used interchangeably due in great part to marketing hype and sloppy use of terms like “scanning” – which is not penetration testing; automated vulnerability scanners are limited to scanning for known vulnerabilities. Deep-dive manual penetration testing simulates the overt actions of a malicious attacker producing real-world results on actual vulnerabilities.

Speak to an expert

NetSPI’s internal network vulnerability assessment service is fully customized to every client’s requirements. The service typically includes a comprehensive, process driven, and methodical scan/assess/attack program for assessing the security status of your internal network. Potential vulnerabilities identified by the initial scanning efforts are then verified to eliminate false positives. NetSPI experts thoroughly analyze the remainder, and manually probe for any unidentified vulnerabilities the scanners couldn’t find.

NetSPI performs a final, detailed review of all tasks performed during the engagement by our testers (including detailed notes, screen shots, video captures, etc.), final remediation recommendations, and additional reports designed specifically to keep senior management informed with an executive summary.

USE NETSPI RESOLVE™ FOR INTERNAL PENETRATION TESTING

Resolve is essential for every internal penetration testing project. It allows the test results to be customized in various ways, such as focusing on a particular host in a network with many hosts, or on how potential entry points can be exploited via different escalation paths. Resolve includes “white hat tips” to guide testers in exploring potential vulnerabilities and documenting them for future use by other NetSPI testers. Our proven testing methodology:

Ensures consistency across tests and testers

Provides repeatable testing methodology

Correlates and normalizes scanning data from multiple tools and rounds of scanning into clear remediation recommendations

NETSPI’S VALUE

NetSPI’s comprehensive coverage approach provides senior-consulting oversight on every project, enabling your company to leverage the expertise of the entire team of specialists to give you world-class consulting without impacting your budget